Glossary 


access control list (ACL) — A list of security 
identifiers that are contained by a resource 
object. Only those processes with the appro- 
priate access token can activate the services of 
that object. 


access token — Objects containing the security 
identifier of an active process. These tokens 
determine the security context of the process. 


account lockout policy — Defines the conditions 
that result in a user account being locked out. 


activating Windows — A new Microsoft require- 
ment to prevent software piracy by registering 
installations of Windows XP with the signature 
of its supporting hardware. 


active (marked active) — The status of a primary 
partition that indicates to the computer’s BIOS 
that it hosts the necessary files to boot an operat- 
ing system. 


Active Directory — A centralized resource and 
security management, administration, and control 
mechanism used to support and maintain a 
Windows XP domain. The Active Directory is 
hosted by domain controllers. 


active partition — The partition the computer 
uses to boot. 


Address Resolution Protocol (ARP) — The IP 
protocol used to resolve numeric IP addresses 
into their MAC layer physical address equivalents. 


Administrator — The Windows XP account 
designed to perform a full array of management 
functions. This is the most powerful account pos- 
sible within the Windows XP environment. 


Advanced RISC Computing (ARC) 
pathname — Naming convention used in the 
Boot.ini file to define the particular hard disk 
and partition where Windows XP operating 
system files reside. 


alert — A watchdog that informs you when a 
counter crosses a defined threshold. An alert is an 
automated attendant looking for high or low val- 
ues, and can consist of one or more 
counter/instance-based alert definitions. 


answer file — A text file, also called a response file, 
that contains a set of instructions for installing 
Windows XP. 


applet — A tool or utility found in the Control 
Panel that typically has a single focused purpose 
or function. 


Application log — Records application events, 
alerts, and system messages. 


application programming interface (API) — A 
set of software routines referenced by an applica- 
tion to access underlying application services. 


architecture — The layout of operating system 
components and their relationships. 


audit policy — Defines the events that are record- 
ed in the Security log of the Event Viewer. 


auditing — The process of tracking events by 
recording selected types of events in the 
Security log. 


authentication — The process of validating a user’s 
credentials to allow access to certain resources. 


Author Mode — The condition of a console that 
allows users to add and remove snap-ins, create 
new windows, view the entire console tree, and 
save new versions of the console. 


backup type — A backup configuration that 
determines how often data is backed up and 
how old and new files are handled. The types of 
backups are copy, daily, differential, incremental, 
and normal. 
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Backup utility — The tool built in to Windows XP 
that enables users to back up and restore their 
data and system configurations in case of a hard- 
ware or software failure. 


base priority — The lowest priority that a thread 
may be assigned, based on the priority assigned 
to its process. 


baseline — A definition of what a normal load 
looks like on a computer system; it provides a 
point of comparison against which you can 
measure future system behavior. 


basic storage — The drive division method that 
employs partitions. 


bindery — The database used by versions of 
NetWare before 4.0 to store network resource 
configuration information. 


binding — The process of developing a stack by 
linking together network services and protocols. 
The binding facility allows users to define exactly 
how network services operate for optimal net- 
work performance. 


BIOS (basic input/output system) — A special 
PC ROM chip that contains sufficient program 
code to let a computer perform a POST routine, 
to check its hardware components, and to oper- 
ate basic input and output routines for keyboard 
or mouse input, and screen output. 


boot loader — The software that shows all operat- 
ing systems currently available and, through a 
menu, permits the user to choose which one 


should be booted. 


boot partition — The partition that hosts the 
main Windows XP system files and is the initial 
default location for the paging file. The boot 
partition can be the same partition as the system 
partition or it can be any other partition (or log- 
ical drive in an extended partition) on any drive 
hosted by the computer. 


boot phase — Any of a number of stages in the 
Windows XP boot process, starting with the 
POST, through initial startup activities, to 
activation of a boot loader program, to selection 
of the operating system (or version) to boot, to 
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hardware detection (Ntdetect), to selecting a 
configuration. 


boot process — The process of bringing up a 
completely functional computer, starting from 
initial power-up (or reboot) through the boot 
phases and load phases involved in starting the 
hardware, finding a boot loader, and then loading 
and initializing an operating system. 

boot selection menu — The list of bootable 
operating systems (or versions) that Boot.ini pro- 
vides for display at the end of the Windows XP 
boot phase. 


Boot.ini — The text file that creates the Windows XP 
boot loader’s menu. 


bottleneck — A system resource or device that 
limits a system’s performance. Ideally, the user 
should be the bottleneck on a system, not any 
hardware or software component. 


bound application — An application capable of 
running in a virtual DOS machine. 


certificate — An electronic identity verification 
mechanism. Certificates are assigned to a client or 
server by a Certificate Authority. When commu- 
nications begin, each side of the transmission can 
decide to either trust the other party based on 
their certificate and continue the communications 
or not to trust and terminate communications. 


characterization data file — The file responsible 
for rendering the GDI commands into DDI 
commands that can be sent to the printer. Each 
graphics driver renders a different printer 
language. 


child process — A process spawned within the 
context of some Windows XP environment sub- 
systems (Win32, OS/2, or POSIX) that inherits 
operating characteristics from its parent subsys- 
tem and access characteristics from the permis- 
sions associated with the account that requested 
it to be launched. 


clean installation — The installation method in 
which an OS is installed without regard for pre- 
existing operating systems. In other words, all set- 
tings and configurations are set to the OS defaults. 


client — A computer used to access network 
resources. 


client application — An application or service 
that creates print jobs for output, which can be 
either end-user-originated or created by a print 
server itself (See also print client). 


Client Service for NetWare (CSNW) — Service 
included with Windows XP Professional that 
provides easy connection to NetWare servers. 


cluster — A group of one or more sectors into a 
single non-divisible unit. 


Common Internet File System (CIFS) — An 
enhanced version of SMB used for file and print 
services. 


complementary metal-oxide semiconductor 
(CMOS) — A special, battery-powered chip that 
can store not only the software necessary to con- 
duct the POST, but also the basic, nonvolatile 
configuration information that POST uses to 
check the RAM installed in a system, the num- 
ber and type of hard drives, the type of keyboard 
and mouse, and so forth. 


Computer Information File (CIF) — A detailed 
collection of all information related to the hard- 
ware and software products that comprise your 
computer (and even your entire network). 


connecting to a printer — The negotiation of a 
connection to a shared printer through the 
Browser service from a client or service across 
the network to the machine where the shared 
printer resides. 


connection-oriented — A class of network trans- 
port protocols that includes guaranteed delivery, 
explicit acknowledgement of data receipt, and a 
variety of data integrity checks to ensure reliable 
transmission and reception of data across a net- 
work. Although reliable, connection-oriented 
protocols can be slow because of the overhead 
and extra communication. 


connectionless — A class of network transport pro- 
tocols that makes only a “best-effort” attempt at 
delivery, and that includes no explicit mechanisms 
to guarantee delivery or data integrity. Because 


Glossary 613 


such protocols need not be particularly reliable, 
they are often much faster and require less over- 
head than connection-oriented protocols. 


console — The collection of snap-ins and exten- 
sions saved as an .msc file loaded into the MMC 
that offers administrative controls. 


context — The collection of Registry values and 
runtime environment variables in which a 
process or thread is currently running. 


context switch — The act of unloading the con- 
text information for one process and replacing it 
with the information for another, when the new 
process comes to the foreground. 


Control Panel — The collection of tools and utili- 
ties (called applets) within Windows, where most 
system- and hardware-level installation and con- 
figuration take place. 


control set — A special set of Registry values that 
describes a startup configuration of a computer 
running Windows XP that is saved each time a 
Windows machine is shut down (as the current 
configuration) and each time a user successfully 
logs on for the first time after bootup (as the Last 
Known Good Configuration). 


cooperative multitasking — A computing envi- 
ronment in which the individual application 
maintains control over the duration that its 
threads use operating time on the CPU. 


copy backup — A method of backing up all 
selected files without marking them as being 
backed up. 


counter (or performance counter) — A named 
aspect or activity that the Performance tool uses 
to measure or monitor some aspect of a regis- 
tered system or application object. 


Counter log — A log that records measurements 
on selected counters at regular, defined intervals. 
Counter logs allow you to define exactly which 
counters are recorded (based on computer, 
object, counter, and instance). 


creating a printer — Setting up a printer for 
local use. 
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critical section — In operating system terminology, 
this refers to a section of code that can be 
accessed only by a single thread at any one time, 
to prevent uncertain results from occurring when 
multiple threads attempt to change or access val- 
ues included in that code at the same time. 


daily backup — A method of backing up only the 
selected files that have been created or modified 
on the day that the backup is being performed. 
They are not marked as being backed up. 


Data Link Control (DLC) — A network trans- 
port protocol that allows connectivity to main- 
frames, printers, and servers running Remote 
Program Load software. 


data type — The format in which print jobs are 
sent to the spooler. Some data types are ready for 
printing (RAW) and some require further prepa- 
ration (EMF). Also refers to the setting on a 
Registry value entry that defines the data for- 
mat of the stored information. 


defragmentation — The process of reorganizing 
files so that they are stored contiguously and no 
gaps are left between files. 


demand paging — The act of requesting free 
pages of memory from RAM for an active 
application. 


device — A physical component, either internal or 
external to the computer, that is used to perform 
a specific function. Devices include hard drives, 
video cards, network interface cards, printers, etc. 


Device Driver Interface (DDI) — A specific 
code component that handles the translation of 
generic print commands into device-specific 
equivalents, immediately prior to delivery of a 
spool file to a print device. 


differential backup — A method of backing up 
selected files that have been created or modified 
since the last full backup. They are not marked as 
being backed up. 


direct-attached printer — A print device 
attached directly to a computer, usually through a 
parallel port. See also network interface printer. 
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disabled — The state of a user account, which is 
retained on the system but cannot be used to logon. 


disk bottleneck — A system bottleneck caused by 
a limitation in a computer’s disk subsystem, such 
as a slow drive or controller, or a heavier load 
than the system can handle. 


Disk Management — The MMC snap-in used to 
manage drives. 


disk quota — A feature in Windows that allows 
you to limit the amount of disk space that can be 
consumed by a user. 


Distributed File System (DFS) — Combines 
shared resources from various locations through- 
out a network into a single hierarchical system. 


DMA (Direct Memory Access) — A channel 
used by a hardware device to access memory 
directly, i.e., bypassing the CPU. Windows XP 
supports eight DMA channels, numbered 0 to 7. 


domain — A collection of computers with centrally 
managed security and activities. 


domain controller (DC) — A computer that 
maintains the domain’s Active Directory, which 
stores all information and relationships about 
users, groups, policies, computers, and resources. 
It also authenticates domain logons and maintains 
the security policies and the account database for 
a domain. 


domain model — The networking setup in which 
there is centralized administrative and security 
control. One or more servers are dedicated to the 
task of controlling the domain by providing 
access and authentication for shared domain 
resources to member computers. 


Domain Name Service (DNS) — TCP/IP ser- 
vice that is used to resolve names to IP addresses. 


domain security — The control of user accounts, 
group memberships, and resource access for all 
members of a network instead of for only a sin- 
gle computer. 


domain user account — A user account that can 
be used throughout a domain. 


DOS operating environment — A general term 
used to describe the reasonably thorough DOS 
emulation capabilities provided in a Windows XP 
virtual DOS machine (VDM). 


DOS prompt — The common name for the com- 
mand-line window available from DOS and 
Windows. 


Dr. Watson — An application error debugger. This 
diagnostic tool detects application failures and 
logs diagnostic details. 


drive letter — One of two methods of accessing 
formatted volumes under Windows XP. A drive 
letter can be assigned to a partition or volume or 
a drive configuration of multiple components. 


driver — A software element that is used by an 
operating system to control a device. Drivers are 
usually device-specific. 


dual-boot system — A computer that is config- 
ured to use two operating systems. 


Dynamic Data Exchange (DDE) — A method 
of interprocess communication within the 
Windows operating system. 


Dynamic Host Configuration Protocol 
(DHCP) — An IP-based address management 
service that permits clients to obtain IP addresses 
from a DHCP server. This allows network 
administrators to control and manage IP addresses 
centrally, rather than on a per-machine basis. 


dynamic link library (DLL) — A collection of 
virtual procedure calls, also called procedure stubs, 
that provide a well-defined way for applications to 
call on services or server processes within the 
Win32 environment. DLLs have been a consistent 
aspect of Windows since Windows 2.0. 


dynamic storage — The drive division method 
that employs volumes. It is a new standard sup- 
ported only by Windows XP and Windows 2000. 


Encrypted File System (EFS) — A security fea- 
ture of NTFS under Windows XP that allows 
files, folders, or entire drives to be encrypted. 
Once encrypted, only the user account that 
enabled the encryption has the proper private 
key to decrypt and access the secured objects. 
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enhanced metafile (EMF) — Device-independent 
spool data used to reduce the amount of time 
spent processing a print job. Once it’s queued, 
EMF data requires additional processing to pre- 
pare it for the printer. 


environment subsystem — A mini-operating sys- 
tem running within Windows XP that provides 
an interface between applications and the kernel. 
Windows XP has three environment subsystems: 
Win32, OS/2, and POSIX, but only Win32 is 
required for Windows XP to function. 


event — Any significant occurrence in the system 
or in an application that requires users to be 
notified or a log entry to be recorded. Types of 
events include audits, driver failures, user logon, 
process launching, system shutdown, etc. 


Event Viewer — A system utility that displays one 
of three event logs: System, Security, and 
Application, wherein logged or audited events 
appear. The Event Viewer is often the first stop 
when monitoring a system’s performance or 
seeking evidence of problems, because it is where 
all unusual or extraordinary system activities and 
events are recorded. 


Executive Services — A set of kernel-mode func- 
tions that control security, system I/O, memory 
management, and other low-level services. 


extended partition — A type of partition on a 
basic disk that can be divided into logical drives. 
Only a single extended partition can exist on a 
physical disk. When present, only three primary 
partitions can exist. 


FAT (File Allocation Table) or FAT16 — The 
file system used in versions of MS-DOS. 
Supported in Windows XP in its VFAT form, 
which adds long filenames and 4 GB file and 


volume sizes. 


FAT32 — The 32-bit enhanced version of FAT 
introduced by Windows 95 OSR2 that expands 
the file and volume size of FAT to 32 GB. 
FAT32 is supported by Windows XP. 
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FDISK — A DOS utility used to partition a hard 
disk. The DOS FDISK tool can see and manipu- 
late only primary NTFS partitions; it cannot 
even view logical drives in an extended partition 
formatted with NTFS. 


file system — The method used to arrange, read, 
and write files on disk. Windows XP supports the 
NTFS, FAT, and FAT32 file systems. 


File Transfer Protocol (FTP) — The protocol and 
service that provides TCP/IP-based file transfer to 
and from remote hosts and confers the ability to 
navigate and operate within remote file systems. 


flush — Forcing the memory-resident copy of the 
Registry to be written to files stored on the hard 
drive. A flush occurs at shutdown, when forced by 
an application, or just after a Registry alteration. 


folder redirection — A component of 
IntelliMirror technologies that uses group poli- 
cies to place specified user folders on a share on 
the network. 


format — Rewriting the track and sector informa- 
tion on a disk, it removes all data previously on 


the disk. 


fragmentation — The division of a file into two 
or more parts, where each part is stored in a dif- 
ferent location on the hard drive. As the level of 
fragmentation on a drive increases, the longer it 
takes for read and write operations to occur. 


frame type — One of four available packet struc- 
tures supported by IPX/SPX and NWLink. The 
four frame types supported are Ethernet 802.2, 
Ethernet 802.3, Ethernet I, and Ethernet SNAP. 


gateway — A computer that serves as a router, a 
format translator, or a security filter for an entire 
network. 


global group — A group that exists throughout a 
domain. A global group can be created only on a 
Windows Server system. 


Graphical Device Interface (GDI) — The por- 
tion of the Windows XP operating system 
responsible for the first step of preparing all 


MSCE Guide to Windows XP Professional 


graphical output, whether to be sent to a moni- 
tor or to the printer. 


groups — A named collections of users. 


Guest account — One of the least privileged user 
accounts built into Windows XP. 


handle — A programming term that indicates an 
internal identifier for some kind of system 
resource, object, or other component that must 
be accessed by name (or through a pointer). In 
Task Manager, the number of handles appears on 
the Performance tab in the Totals pane. A sudden 
increase in the number of handles, threads, or 
processes can indicate that an ill-behaved applica- 
tion is running on a system. 


hardware abstraction layer (HAL) — One of 
the few components of the Windows XP archi- 
tecture that is written in hardware-dependent 
code. It is designed to protect hardware resources. 


Hardware Compatibility List (HCL) — 
Microsoft’s updated list of supported hardware for 
Windows XP. 


hardware profile — A collection of custom device 
settings used on computers with changing physi- 
cal components. 


hive — A discrete body of Registry keys, subkeys, 
and values stored in a file. 


HKEY_CLASSES_ ROOT — This Registry key 
contains the value entries that control the rela- 
tionships between file extensions (and therefore 
file format types) and applications. This key also 
supports the data used in object linking and 
embedding (OLE), COM object data, and file- 
class association data. This key actually points to 
another Registry key named HKEY_LOCAL_ 
MACHINE \Software\Classes and provides multi- 
ple points of access to make itself easily accessible 
to the operating system itself and to applications 
that need access to the compatibility information 
already mentioned. 


HKEY_CURRENT_CONFIG — This Registry 
key contains the value entries that control the 
currently active hardware profile; its contents are 
rebuilt each time the system is booted. This key is 
derived from data stored in the HKEY_LOCAL_ 
MACHINE\System\CurrentControlSet\Hard 
wareProfiles\Current subkey. HKEY_CUR- 
RENT_CONKFIG exists to provide backward- 
compatibility with Windows 95/98 applications. 


HKEY_CURRENT_USER — This Registry key 
contains the value entries that define the user 
environment for the currently logged-on user. 
This key is built each time a user logs on to the 
system. The data in this key are derived from the 
HKEY_USERS key and the Ntuser.dat and 
Ntuser.man files of a user’s profile. 


HKEY_LOCAL_MACHINE — This Registry 
key contains the value entries that control the 
local computer. This includes hardware devices, 
device drivers, and various operating system 
components. The data stored in this key are not 
dependent on a logged-on user or the applica- 
tions or processes in use. 


HKEY_USERS — This Registry key contains the 
value entries that define the user environments 
for all users who have ever logged on to this 
computer. As a new user logs on to this system, a 
new subkey is added for that user that is built 
either from the default profile stored in this key 
or from the roaming user profile. 


HOSTS — A static file placed on members of a 
network to provide a resolution mechanism 
between host names and IP addresses. 


hot fix — Similar to a service pack, except that a 
hot fix addresses only one problem, or a small 
number of problems, and may not be fully tested. 


identification — The process of establishing a 
valid account identity on a Windows XP 
machine by supplying a correct and working 
domain name (if necessary) and account name. 


imported user account — A local account created 
by duplicating the name and password of an 
existing domain account. An imported account 
can be used only when the Windows XP 
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Professional system is able to communicate with 
the domain of the original account. 


incremental backup — A method of backing up 
selected files that have been created or modified 
since the last normal or incremental backup. 
These files are marked as being backed up. 


input locale — A combination language and key- 
board layout used to define how data is entered 
into a computer. 


input message queue — A queue for each process 
maintained by the Win32 subsystem that contains 
the messages sent to the process from the user, 
directing its threads to do something. 


instance — A selection of a specific object when 
more than one is present on the monitored sys- 
tem; for example, multiple CPUs or hard drives. 


Integrated Services Digital Network 
(ISDN) — A direct, digital dial-up PSTN Data 
Link-layer connection that operates at 64KB per 
channel over regular twisted-pair cable between a 
subscriber site and a PSTN central office. 


IntelliMirror — A set of features within 
Windows XP that utilizes policies, folder redirec- 
tion, and the Windows Installer Service (WIS) 
for backing up and restoring users’ data, personal- 
ized settings, and applications. 


Internet Control Message Protocol (ICMP) — 
The protocol in the TCP/IP suite that handles 
communication between devices about network 
traffic, quality of service, and requests for specific 
acknowledgments (such as those used in the 
PING utility). 


Internet Printing Protocol (IPP) — A new 
Windows XP protocol that adds Web support to 
the print subsystem. IPP allows remote users to 
submit print jobs for printing, view printer 
queues, and download print drivers. 

Internet Protocol (IP) — The protocol that han- 
dles routing and addressing information for the 
TCP/IP protocol suite, IP provides a simple con- 
nectionless transmission that relies on higher layer 
protocols to establish reliability. 
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Internetwork Packet Exchange (IPX) — The 
protocol developed by Novell for its NetWare 
product. IPX is a routable, connection-oriented 
protocol similar to TCP/IP but much easier to 
manage and with lower communication overhead. 


Internetwork Packet Exchange/Sequenced 
Packet Exchange (IPX/SPX) — The name of 
the two primary protocols developed by Novell 
for its NetWare network operating system. 
IPX/SPX is derived from the XNS protocol 
stack and leans heavily on XNS architecture and 
functionality. See also IPX and SPX. 


interprocess communication (IPC) — The 
mechanism that defines a way for internal 
Windows processes to exchange information. 


IPSec (IP Security) — An encrypted communica- 
tion mechanism for TCP/IP to create protected 
communication sessions. IPSec is a suite of 
cryptography-based protection services and 
security protocols. 


I/O port — The section of memory used by the 
hardware to communicate with the operating 
system. When an IRQ is used, the system checks 
the I/O port memory area for additional infor- 
mation about what function is needed by the 
device. The I/O port is represented by a hexa- 
decimal number. 


IRQ (interrupt request) — The interrupt request 
level that is used to halt CPU operation in favor 
of the device. Windows supports 16 interrupts, 
namely IRQ 0 to 15. 


Kerberos version 5 — An authentication encryp- 
tion protocol employed by Windows XP to pro- 
tect logon credentials. 


kernel — The core of the Microsoft Windows XP 
operating system. It is designed to facilitate all 
activity within the Executive Services. 


kernel mode — Systems running in kernel mode 
are operating within a shared memory space and 
with access to hardware. Windows XP Executive 
Services operates in kernel mode. 
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key — A top-level division of the Registry. There 
are five keys in a Windows XP Registry. A key 
can contain subkeys. 


language monitor — The part of the print 
monitor that sets up bidirectional messaging 
between the printer and the computer initiating 
the print job. 

Last Known Good Configuration (LKGC) — 
The control set for Windows XP that is automat- 
ically saved by the system in a special set of 
Registry keys the first time a user logs on suc- 
cessfully to a system immediately after it has 
booted up. This information provides a safe fall- 
back to use when booting the system the next 
time, if changes made to the Registry in the 
interim cause problems with booting (or if 
changes have been introduced that a user does 
not want to retain on that system). 


Layer Two Tunneling Protocol (L2TP) — A 
VPN protocol developed by Cisco Systems, Inc. 
to improve security over Internet links by inte- 
grating with IPSec. 


LMHOSTS — A file used in Microsoft networks 
to provide NetBIOS name-to-address resolution. 


load phase — The Windows XP load phase begins 
when the kernel assumes control of the machine, 
and consists of the following five steps: (1) loading 
the kernel, (2) initializing the kernel, (3) loading 
services, (4) starting the Windows XP system, and 
(5) logging on. All five steps must be completed 
successfully for a complete load to occur. 


Local Computer Policy — A Windows XP secu- 
rity control feature used to define and regulate 
security-related features and functions. 


local groups — A group that exists only on the 
computer where it was created. A local group can 
have users and global groups as members. 


local procedure call (LPC) — A technique to 
permit processes to exchange data in the 
Windows XP runtime environment. LPCs define 
a rigorous interface to let client programs request 
services, and to let server programs respond to 
such requests. 


Local Security Policy — The centralized control 
mechanism that governs password, account lock- 
out, audit, user rights, security options, public 
key, and IP Security. 


local user account — A user account that exists 
on a single computer. 


locked out — The state of a user account that is 
disabled due to logon attempts that have repeat- 
edly failed. 


logon authentication — The requirement to pro- 
vide a name and password to gain access to the 
computer. 


long file names (LFNs) — Filenames up to 256 
characters in length, supported by all file systems 
under Windows XP. 


mailslots — A connectionless version of named 
pipes; mailslots offer no delivery guarantees, nor 
do they acknowledge successful receipt of data. 


mandatory profile — A user profile that does not 
retain changes once the user logs out. Mandatory 
profiles are used to maintain a common desktop 
environment for users. 


Master Boot Record (MBR) — The partition 
table for a disk, and the code that permits that 
partition table to be read. A functioning MBR is 
required to boot a hard disk. 


memory bottleneck — A system bottleneck 
caused by a lack of available physical or virtual 
memory that results in system slowdown or (in 
extreme cases) an outright system crash. 


Microsoft Management Console (MMC) — 
The standardized interface into which consoles, 
snap-ins, and extensions are loaded to perform 
administrative tasks. 


mirrored volume — A drive configuration of a 
single volume is duplicated onto another volume 
on a different hard drive. Provides fault tolerance. 
In Windows NT, a mirror on a drive hosted by a 
different drive controller was called duplexing, but 
this distinction is no longer used in Windows XP 
(Windows .NET Server only). 


mismatched document — A document with 
incompatible printer and page settings (that is, 
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the page settings are impossible to produce given 
the existing printer settings). 


mode — A programming and operational separa- 
tion of components, functions, and services. 


modem (Modulator/Demodulator) — A Data-link 
layer device used to create an analog signal suit- 
able for transmission over telephone lines from a 
digital data stream. Modern modems also include 
a command set to negotiate connections and data 
rates with remote modems and to set their 
default behavior. 


mount point or mounted volume — A new 
drive-access technique that maps a volume or 
partition to an empty directory on an NTFS 
volume or partition. 


MS-DOS — One of the most popular character- 
based operating systems for personal computers. 
Many DOS concepts are still in use by modern 
operating systems. 


multi-boot system — A computer that hosts two 
or more operating systems that can be booted by 
selecting one from a boot menu or boot manager 
during each bootup. 


multiprocessing — The ability to distribute threads 
among multiple CPUs on the same system. 


Multi-Provider Router (MPR) — A file system 
service that can designate the proper redirector to 
handle a resource request that does not use UNC 
naming. The MPR lets applications written to 
older Microsoft specifications behave as if they 
used UNC naming. The MPR is able to recog- 
nize those UNCs that correspond to defined 
drive mappings receive copies of the domain 
security database or Active Directory. 


multitasking — Sharing processor time between 
threads. Multitasking may be preemptive (the 
operating system may bump one thread if another 
one really needs access to the processor), or 
cooperative (one thread retains control of the 
processor until its turn to use it is over). 
Windows XP uses preemptive multitasking 
except in the context of the WOW operating 
environment, because Windows 3.x applications 
expect cooperative multitasking. 
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multithreaded process — A process with more 
than one thread running at a time. 


multithreading — The ability of an operating sys- 
tem and hardware to execute multiple pieces of 
code (or threads) from a single application 
simultaneously. 


Multiple Universal Naming Convention 
Provider (MUP) — A Windows XP software 
component that allows two or more UNC 
providers (for example, Microsoft networks and 
NetWare networks) to exist simultaneously. The 
MUP determines which UNC provider will 
handle a particular UNC request and forwards 
the request to that provider. 


multiple-user system — An operating system that 
maintains separate and distinct user accounts for 
each person. 


named pipes — Provides support for a connection- 
oriented message passing service for clients and 
servers. 


naming convention — A standardized regular 
method of creating names for objects, users, com- 
puters, groups, etc. 


NDS tree — The hierarchical representation of 
the Novell Directory Services database on 
NetWare 4.0 and higher networks. 


NetBIOS Extended User Interface 
(NetBEUI) — A simple transport program 
developed to support NetBIOS installations. 
NetBEUI is not routable, so it is not appropriate 
for larger networks. 


NetBIOS Gateway — A service provided by 
remote access that allows NetBIOS requests to 
be forwarded independent of the transport proto- 
col. For example, NetBEUI can be sent over the 
network via NWLink. 


NetBIOS over TCP/IP (NBT) — A network 
protocol in the TCP/IP stack that provides 
NetBIOS naming services. 


NetWare Core Protocol (NCP) — The protocol 
used by CSNW to make file and print services 
requests of NetWare servers. 
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network adapter (NIC) — Another name for 
network card; the piece of hardware that enables 
communication between the computer and the 
network. 


network authentication — The act of connecting 
to or accessing resources from some other member 
of the domain network. Network authentication is 
used to prove that you are a valid member of the 
domain, that your user account is properly authen- 
ticated, and that you have access permissions to 
perform the requested action. 


Network Basic Input/Output System 
(NetBIOS) — A client/server interprocess com- 
munication service developed by IBM in 1985. 
NetBIOS presents a relatively primitive mecha- 
nism for communication in client/server applica- 
tions, but allows an easy implementation across 
various Microsoft Windows computers. 


network bottleneck — A system bottleneck 
caused by excessive traffic on the network medi- 
um to which a computer is attached, or when 
the computer itself generates excessive amounts 
of such traffic. 


Network Driver Interface Specification 
(NDIS) — Microsoft specification that defines 
parameters for loading more than one protocol 
on a network adapter. 


Network Dynamic Data Exchange 
(NetDDE) — An interprocess communication 
mechanism developed by Microsoft to support the 
distribution of DDE applications over a network. 


network interface printer — A print device 
attached directly to the network medium, usually 
by means of a built-in network interface integrated 
within the printer, but sometimes by means of a 
parallel-attached network printer interface. 


network number — The specific network identi- 
fier used by IPX for internal and network 
communication. 


new installation — See clean installation. 


New Technology File System (NTFS) — The 
high-performance file system supported by 
Windows XP that offers file-level security, 
encryption, compression, auditing, and more. 
Supports volumes up to 16 exabytes theoretically, 
but Microsoft recommends volumes not exceed 2 
terabytes. 


normal (or full) backup — A method of backing 
up all selected files and marking them as being 
backed up. 


Novell Directory Services (NDS) — The hierar- 
chical database used by NetWare 4.0 and higher 
servers to store network resource object configu- 
ration information. 


NTFS (New Technology File System) — The 
preferred file system of Windows XP. Supports 
file-level security, encryption, compression, audit- 
ing, and more. Supports volumes up to 2 TB. 


Ntldr — The Windows XP loader program that 
manages the boot and load phases of Windows XP 
on a PC. 


NTLM (NT LAN Manager) authentication — 
The authentication mechanism used on 
Windows NT that is retained by Windows XP 
for backward compatibility. 


NWLink — Microsofts implementation of Novell’s 
IPX/SPX protocol, used for Microsoft 
Networking or for facilitating connectivity with 
Novell networks. 


object — Everything within the Windows XP 
operating environment is an object. Objects 
include files, folders, shares, printers, processes, etc. 
See also performance object. 


Open Datalink Interface (ODI) — Novell’s 
specification for network device communication. 


operating system (OS) — Software designed to 
work directly with hardware to provide a com- 
puting environment within which production 
and entertainment software can execute, and 
which creates a user interface. 


package — The name of the collection of installer 
files, transforms, and other code components 
that support automated deployment of Windows 
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programs. This term may also be applied to the 
.msi files associated with the Microsoft Installer 
facility used to drive automated installations 
through the Microsoft Installer itself. 


Packet Internet Groper (PING) — An IP-based 
utility that can be used to check network con- 
nectivity or to verify whether a specific host else- 
where on the network can be reached. 


page — An individual unit of memory that the 
Virtual Memory Manager manipulates (moves 
from RAM to paging file and vice versa). 


parent process — The Windows XP environment 
subsystem that creates a runtime process, and 
imbues that child process with characteristics 
associated with that parent’s interfaces, capabili- 
ties, and runtime requirements. 


partition — A space set aside on a disk and 
assigned a drive letter. A partition can take up all 
or part of the space on a disk. 


partition boot sector — The partition that con- 
tains the information the file system uses to 
access the volume, including a physical descrip- 
tion of the disk, the name and version of the 
operating system files, the bootstrap code, and an 
instruction that allows the Master Boot Record 
to find all this information. 


password — A unique string of characters that 
must be provided before a logon or an access is 
authorized. Passwords are a security measure used 
to restrict initial access to Windows XP resources. 


password policy — Defines the restrictions on 
passwords. 


PC Cards — The modern name of the PCMCIA 
technology. PC Cards are credit card-sized 
devices typically used to expand the functionality 
of notebook or portable computers. 


PCMCIA — The older name for the technology 
now called PC Cards. PCMCIA stands for 
Personal Computer Memory Card International 
Association. 


peer-to-peer — A type of networking in which 
each computer can be a client to other comput- 
ers and act as a server as well. 
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performance object — A component of the 
Windows XP Professional system environment; 
objects range from devices to services to 
processes. 


Plug and Play (PnP) — A technology that allows 
an operating system to inspect and identify a 
device, install the correct driver, and enable the 
device, all without user interaction. Plug and Play 
simplifies the adding and removing of hardware 
and can often offer on-the-fly reconfiguration of 
devices without rebooting. 


Point-to-Point Protocol (PPP) — A Network 
layer transport that provides connectivity over 
serial or modem lines. PPP can negotiate any 
transport protocol used by both systems involved 
in the link and can automatically assign IP, DNS, 
and gateway addresses when used with TCP/IP. 


Point-to-Point Tunneling Protocol (PPTP) — 
Protocol used to connect to corporate networks 
through the Internet or an ISP. 


port — Any physical communication channel to 
which a modem, direct cable, or other device can 
be connected to enable a link between two 
computers. 


port monitor — The part of the print monitor 
that transmits the print job to the print device 
through the specified port. Port monitors are 
actually unaware of print devices as such, but 
only know that something is on the other end 
of the port. 


power-on self test (POST) — The system check 
performed by all computers when they are 
turned on. 


PPP MultiLink — A capability of remote access to 
aggregate multiple data streams into one network 
connection for the purpose of using more than 
one modem or ISDN channel in a single 
connection. 


preemptive multitasking — A computing envi- 
ronment in which the operating system maintains 
control over the duration of operating time any 
thread (a single process of an application) is 
granted on the CPU. 
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primary partition — A type of partition on a 
basic disk that can be marked active. Up to four 
primary partitions can exist on a physical disk. 


print client — A network client machine that 
transmits print jobs across the network to a 
printer for spooling and delivery to a designated 
print device or printer pool. 


print device — In everyday language, a piece of 
equipment that provides output service—in other 
words, a printer. However, in Microsoft terminol- 
ogy, a printer is a logical service that accepts print 
jobs and delivers them to some print device for 
output when that device is ready. Therefore, in 
Microsoft terminology, a print device is any piece 
of equipment that can produce output, so this 
term would also describe a plotter, a fax machine, 
or a slide printer, as well as a text-oriented output 
device, such as an HP LaserJet. 


print job — The contents of a completely or par- 
tially interpreted data file that contains text and 
control characters that will ultimately be deliv- 
ered to a print device to be printed, or otherwise 
rendered in some tangible form. 


print processor — Software that works with the 
printer driver to despool files and make any nec- 
essary changes to the data to format it for use 
with a particular printer. The print processor 
itself is a PostScript program that understands the 
format of a document image file and how to 
print the file to a specific PostScript printer or 
class of printers. 


print provider — The server-side software that 
sends the print job to the proper server in the 
format that it requires. Windows XP supports 
both Windows network print providers and 
NetWare print providers. 


print resolution — A measurement of the number 
of dots per inch (dpi) that describes the output 
capabilities of a print device; most laser printers 
usually produce output at 300 or 600 dpi. In gen- 
eral, the larger the dpi rating for a device, the bet- 
ter looking its output will be (but high-resolution 
devices cost more than low-resolution ones). 


print router — The software component in the 
Windows XP print subsystem that directs print 
jobs from one print server to another, or from a 
client to a remote printer. 


print server — A computer that links print devices 
to the network and shares those devices with 
client computers on the network. 


print spooler — A collection of Windows XP 
DLLs used to acquire, process, catalog, and dis- 
pense print jobs to print devices. The spooler acts 
like a holding tank, in that it manages an area on 
disk called the spool file on a print server, where 
pending print jobs are stored until they’ve been 
successfully output. The term “despooling” refers 
to the process of reading and interpreting what’s 
in a spool file for delivery to a print device. 


Print Server services — A collection of named 
software components on a print server that han- 
dles incoming print jobs and forwards them to a 
print spooler for post-processing and delivery to 
a print device. These components include sup- 
port for special job handling that can enable a 
variety of client computers to send print jobs to 
a print server for processing. 


printer (logical printer) — In Microsoft termi- 
nology, a printer is not a physical device, but 
rather a named system object that communicates 
between the operating system and some print 
device. The printer handles the printing process 
for Windows XP from the time a print com- 
mand is issued, until a print job has been suc- 
cessfully output. The settings established for a 
printer in the Add Printer Wizard in the Printers 
and Faxes applet (Start | Printers and Faxes) indi- 
cate which print device (or devices, in the case 
of a printer pool) will handle print output, and 
also provide controls over how print jobs will be 
handled (banner page, special post-processing, 
and so forth). 


printer driver — Special-purpose software com- 
ponents that manage communications between 
the I/O Manager and a specific print device. 
Ultimately, printer drivers make it possible for 
Windows XP to despool print jobs, and send 
them to a print device for output services. 
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Modern printer drivers also allow the printer to 
communicate with Windows XP, and to inform 
it about print job status, error conditions (out of 
paper, paper jam, and so forth), and print job 
problems. 


printer graphics driver — The part of the printer 
driver that renders GDI commands into device 
driver interface commands that may be sent to 
the printer. 


printer interface driver — The part of the printer 
driver that provides an interface to the printer 
settings. 


Printer Job Language — A specialized language 
that provides printer control at the print-job level 
and enables users to change printer default levels 
such as number of copies, color, printer languages, 
and so on. 


printer pool — A collection of two or more iden- 
tically configured print devices to which one or 
more Windows XP printers direct their print 
jobs. Basically, a printer pool permits two or 
more printers to act in concert to handle high- 
volume printing needs. 


printer priority — The setting that helps to deter- 
mine which printer in a pool will get a given 
print job. The printer with the higher priority is 
more likely to get the print job. 

process — The primary unit of execution in the 
Windows XP operating system environment. A 
process may contain one or more execution 
threads, all associated with a named user account, 
SID, and access token. Processes essentially define 
the container within which individual applica- 
tions and commands execute under Windows XP. 


processor bottleneck — A system bottleneck that 
occurs when demands for CPU cycles from cur- 
rently active processes and the operating system 
cannot be met, usually indicated by high utiliza- 
tion levels or processor queue lengths greater 
than or equal to two. 
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product activation — A mechanism by which a 
product fails if not registered within a specified 
time period. To be activated, a product must be 
registered with a correlated product key and 
hardware signature. 


profile — See user profile. 


public key policy — A security control of 
Windows XP where recovery agents for EFS and 
domain-wide and trusted certificate authorities 
are defined and configured. These policies can be 
enforced on a user by user basis. 


Public Switched Telephone Networks (PSTN) 
— A global network of interconnected digital 
and analog communication links originally 
designed to support voice communication 
between any two points in the world, but quickly 
adapted to handle digital data traffic. 


PXE (Pre-boot Execution) — A standard envi- 
ronment in PC98-compliant computers and net- 
work computers that can be used for a remote 
OS installation. 


queue (print queue) — A series of files stored in 
sequential order waiting for delivery from a spool 
file to a print device. 


RAID-5 volume (Redundant Array of 
Inexpensive Disks) — A drive configuration of 
three or more parts (up to 32) of one or more 
drives or three or more entire drives (up to 32). 
Data is written to all drives in equal amounts to 
spread the workload, and parity information is 
added to the written data to allow for drive fail- 
ure recovery. Provides fault tolerance. If one par- 
tition or drive fails in the set, the other members 
can re-create the missing data on the fly. Once 
the failed member is replaced or repaired, the 
data on that drive can be rebuilt and restored. 
This is also known as disk striping with parity 
(Windows Server products only). 


RAW — Device-dependent spool data that is fully 
ready to be printed when rendered. 


real mode — A DOS term that describes a mode of 
operation for x86 CPUs wherein they can address 
only 1 MB of memory, broken into 16 64-KB 
segments, where the lower ten such segments are 
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available to applications (the infamous 640 KB), 
and the upper six segments are available to the 
operating system or to special application dri- 
vers—or, for Windows XP, to aVDM. 


Recovery Console — A command-line interface 
that provides administrative tools useful for 
recovering a system that is not booting correctly. 


Reg — A special command-line utility that users, 
programs, or the operating system can use to 
access, inspect, create, or modify Registry keys. 


REG_BINARY — A Registry value entry data 
type that stores data in binary format. 


REG_DWORD — A Registry value entry data 
type that stores data in binary, hex, or 
decimal format. 


REG_EXPAND_SZ — A Registry value entry 
data type that stores data in expandable text- 
string format containing a variable that is 
replaced by an application when used (for 
example, %Systemroot%\ File. exe). 


Regedit — The 16-bit Registry editor. Regedit 
offers global searching and combines all of the 
keys into a single display. It can be used to per- 
form searches, add new subkeys and value 
entries, alter the data in value entries, and import 
and export keys and subkeys. 


Registry — The hierarchical database of system 
configuration data essential to the health and 
operation of a Windows system. 


REG_MULTI SZ — A Registry value entry data 
type that stores data in text-string format con- 
taining multiple human-readable values separated 
by null characters. 


REG_SZ — A Registry value entry data type that 
stores data in text-string format. 


Remote Access Service (remote access) — The 
service in Windows XP that allows users to log 
into the system remotely over phone lines. 


remote execution (rexec) — The IP-based utility 
that permits a user on one machine to execute a 
program on another machine elsewhere on the 
network. 


Remote Installation Preparation (RIPrep) — A 
type of installation used with remote OS installa- 
tion whereby an administrator can take an entire 
image of one Windows XP Professional machine 
and install it onto other workstations. That image 
can include the OS as well as installed applica- 
tions and configuration settings. 


Remote Installation Services (RIS) — An 
optional service in Windows Server that works 
with various other services to enable remote 
installations, including a remote operating system 
installation. 


remote OS installation — A component of 
Remote Installation Services (RIS) that can 
install Windows XP Professional on remote- 
boot-enabled PCs across a network. 


remote shell (rsh) — The IP-based utility that 
permits a user on one machine to enter a shell 
command on another machine on the network. 


removable storage device — Any type of floppy, 
cartridge, or drive that can be either removed 
between reboots or as a hot swappable device. 


rendering — Graphically creating a print job. 
Reverse Address Resolution Protocol (RARP) 


— The IP protocol used to map from a physical 
MAC-layer address to a logical IP address. 


Scheduled Tasks — The component of Windows XP 
used to automate the execution or launch of pro- 
grams and batch files based on time and system 
conditions. 


sector — The smallest division (512 bytes) of a 
drive’s surface. 


Secure Socket Layer/Transport Layer Security 
(SSL/TLS) — A mechanism used primarily 
over HTTP communications to create an 
encrypted session link through the exchange of 
certificates and public encryption keys. 


Security Accounts Manager (SAM) — The 
database of user accounts, group memberships, 
and security-related settings. 


security ID (SID) — A unique number that iden- 
tifies a logged-on user to the security system. 
SIDs can identify one user or a group of users. 
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Security log — Records security-related events. 


security options — Defines and controls various 
security features, functions, and controls of the 
Windows XP environment. 


Sequenced Packet Exchange (SPX) — A 
connection-oriented protocol used in the 
NetWare environment when guaranteed delivery 
is required. 

serial — A method of communication that trans- 
fers data across a medium one bit at a time, usu- 
ally adding start and stop bits to ensure reliable 
delivery. 


Serial Line Internet Protocol (SLIP) — An 
implementation of the IP protocol over serial 
lines. SLIP has been made obsolete by PPP. 


server — The networked computer that responds 
to client requests for network resources. 


service — A software element used by the operat- 
ing system to perform a function. Services 
include offering resources over the network, 
accessing resources over the network, print 
spooling, etc. 


service pack — A collection of code replacements, 
patches, error corrections, new applications, ver- 
sion improvements, or service-specific configura- 
tion settings from Microsoft that corrects, 
replaces, or hides the deficiencies of the original 
product, preceding service packs, or hot fixes. 


setup boot disks (or floppies) — The disks used 
by Windows XP to initiate the installation 
process on computer systems that do not have an 
existing OS, do not have a CD-ROM that sup- 
ports bootable CDs, or do not have network 
access to a Windows XP distribution file share. 
These disks can be created by running the 
MAKEBOOT file from the BOOTDISK direc- 
tory on the distribution CD. 


Setup Manager — The Windows XP tool that pro- 
vides you with a GUI for creating an answer file. 


share — A resource that can be accessed over the 
network. 
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shell — The default user process that is launched 
when a valid account name and password combi- 
nation is authenticated by the WinLogon process 
for Windows XP. The default shell of Windows 
XP is Windows Explorer. The default shell 
process manages the desktop, Start menu, taskbar, 
and other interface controls. The shell process 
defines a logged on user’s runtime environment 
from this point forward, and supplies all spawned 
processes or commands with its access token to 
define their access permissions until that account 
logs out. 


Simple Mail Transport Protocol (SMTP) — 
The IP-based messaging protocol and service 
that supports most Internet e-mail. 


Simple Network Management Protocol 
(SNMP) — The IP-based network management 
protocol and service that makes it possible for 
management applications to poll network devices 
and permits devices to report on error or alert 
conditions to such applications. 


simple volume — A drive configuration of all or 
part of a single drive. Does not provide any fault 
tolerance. NTFS volumes can be extended; FAT 
and FAT32 volumes cannot be extended. 


snap-in — A component that adds control mecha- 
nisms to a console for a specific service or object, 
thereby extending the functionality of that con- 
sole (as with snap-ins for the MMC). 


spanned volume — A drive configuration of two 
or more parts (up to 32) of one or more drives 
or two or more entire drives, the elements of the 
spanned volume do not have to be equal in size. 
Data is written to the first drive in the volume 
until it is full, then it continues on with the next 
drive. It is also called an extended volume. Does 
not provide any fault tolerance. If one partition 
or drive in the set fails, all data is lost. Spanned 
volumes cannot be part of a striped volume or a 
mirrored volume. NTFS spanned volumes can be 
extended; FAT and FAT32 spanned volumes can- 
not be extended. The system partition/volume 
and boot partition/volume cannot be extended. 
Volume sets can be reduced in size only by 
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breaking the set and creating a new set. The act 
of breaking the set destroys all data stored on the 
volume. 


spooling — One of the functions of the print 
spooler, this is the act of writing the contents of a 
print job to a file on disk so they will not be lost 
if the print server is shut down before the job is 
completed. 


striped volume — A drive configuration of two or 
more parts (up to 32) of one or more drives or 
two or more entire drives (up to 32). Data is 
written to all drives in equal amounts (in 64 KB 
units) to spread the workload and improve per- 
formance. Each part or drive must be roughly 
equal in size. Does not provide any fault toler- 
ance. If one partition or drive in the set fails, all 
data is lost. Striped volumes cannot be mirrored 
or extended. 


subkey — A division of a Registry key, such as 
HKEY_LOCAL_MACHINE.A subkey can con- 
tain other subkeys and value entries. 


subnet — A portion of a network that might or 
might not be a physically separate network. A 
subnet shares a network address with other parts 
of the network but is distinguished by a subnet 
number. 


subnet mask — The number used to define which 
part of a computer’s IP address denotes the host 
and which part denotes the network. 


subsystem — An operating environment that emu- 
lates another operating system (such as DOS) to 
provide support for applications created for that 
environment. 


synchronization object — Any of a special class of 
objects within the Windows XP environment that 
are used to synchronize and control access to 
shared objects and critical sections of code. 


SYSPREP — The Windows XP utility used to 
clone a system. 


SYSDIFF — The Windows XP utility used to take 
a snapshot of a basic installation and, after 
changes have been made, record the changes and 
apply them to another installation. 


System log — Records information and alerts 
about Windows XP Professional’s internal 
processes. 


System Monitor — The utility that tracks regis- 
tered system or application objects, where each 
such object has one or more counters that can be 
tracked for information about system behavior. 


system partition — The partition that is the active 
partition where the boot files required to display 
the boot menu and initiate the booting of 
Windows XP are stored. 


System State data — A collection of system- 
specific data that can be backed up and restored 
using the Windows XP Backup utility. 


Telnet — The TCP/IP-based terminal emulation 
protocol used on IP-based networks to permit 
clients on one machine to attach to and operate 
on another machine on the network as if the 
other machines were terminals locally attached to 
a remote host. 


thread — In the Windows XP Professional run- 
time environment, a thread is the minimum unit 
of system execution and corresponds roughly to 
a task within an application, the Windows XP 
kernel, or within some other major system com- 
ponent. Any task that can execute in the back- 
ground can be considered a thread (for example, 
run-time spell checking or grammar checking in 
newer versions of Microsoft Word), but it’s 
important to recognize that applications must be 
written to take advantage of threading (just as 
the operating system itself is). 


Trace log — A log that records data only when 
certain events occur. Trace logs record nonconfig- 
urable data from a designated provider when an 
event occurs. 


transaction log — A file created by Windows XP 
to record Registry changes. These files, with a 
.log extension, are used to verify that changes to 
the Registry are made successfully. 


transform — A specific type of Microsoft Installer 
file that usually ends in .mst and that defines 
changes or customization to an existing 
Microsoft Installer package, and the .msi file in 
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which the base installer instructions reside. 
Because most vendors (and Microsoft) define 
.msi files for their programs and systems, it’s often 
easier to customize an existing .msi file with an 
.mst transform, rather than defining a new 
installer package from scratch. 


Transmission Control Protocol/Internet 
Protocol (TCP/IP) — A suite of Internet pro- 
tocols upon which the global Internet is based. 
TCP/IP is the default protocol for Windows XP. 


Transmission Control Protocol (TCP) — The 
reliable, connection-oriented IP-based transport 
protocol that supports many of the most impor- 
tant IP services, including HTTP, SMTP, 
and FTP. 


Trivial File Transport Protocol (TFTP) — A 
lightweight alternative to FTP, TFTP uses UDP 
to provide only simple get-and-put capabilities 
for file transfer on IP-based networks. 


unattended installation — A Windows XP instal- 
lation that uses a script and does not require user 
interaction. 


uniqueness database file (UDF) — A text file 
that contains a partial set of instructions for 
installing Windows XP; used to supplement an 
answer file, when only minor changes are needed 
that don’t require a new answer file. 


Universal Naming Convention (UNC) — A 
multivendor, multiplatform convention for iden- 
tifying shared resources on a network. 


upgrade — The installation method in which data 
and configuration settings from the previous 
operating systems remain intact. The level or 
amount of retained data varies based on the 
existing operating system’s type. 

user account — A named security element used 
by a computer system to identify individuals 
and to record activity, control access, and retain 
settings. This entity contains all of the informa- 
tion that defines a user to the Windows XP 
environment. 


628 


User Datagram Protocol (UDP) — A light- 
weight, connectionless transport protocol used as 
an alternative to TCP in IP-based environments 
to supply faster, lower overhead access, primarily 
(but not exclusively) to local resources. 


User Mode — The condition of a console that 
prevents adding or removing snap-ins or 
re-saving the console file. Systems running in 
User Mode are operating in virtual private mem- 
ory areas for each process, so that each process is 
protected from all others. User-Mode processes 
may not manipulate hardware, but must send 
requests to kernel-mode services to do this 
manipulation for them. 


user profile — A collection of user-specific settings 
that retain the state of the desktop, Start menu, 
color scheme, and other environmental aspects 
across logons. 


User Rights Policy — Defines which groups or 
users can perform the specific privileged action. 


value — The actual data stored by a value entry. 


value entry — A named Registry variable that 
stores a specific value or data string. A Registry 
value entry’s name is typically a multiword phrase 
without spaces and with title capitalization. 


virtual device driver (VDD) — A device driver 
used by virtual DOS machines (VDMs) to pro- 
vide an interface between the application, which 
expects to interact with a 16-bit device driver, 
and the 32-bit device drivers that Windows XP 
provides. 


virtual DOS machine (VDM) — A Win32 appli- 
cation that emulates a DOS environment for use 
by DOS and Win16 applications. 


virtual memory — A Windows XP kernel service 
that stores memory pages that are not currently 
in use by the system in a paging file. This frees up 
memory for other uses. Virtual memory also 
hides the swapping of memory from applications 
and higher-level services. 


Virtual Memory Manager (VMM) — The part 
of the operating system that handles process pri- 
ority and scheduling, providing the ability to 
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preempt executing processes and schedule new 
processes. 


volume — With basic storage, it is a collection of 
two to 32 partitions into a single logical struc- 
ture. With dynamic storage, it is any division of a 
physical drive or collection of divisions into a 
drive configuration. 


wide area network (WAN) — A geographically 
dispersed network of networks connected by 
routers and communications links. The Internet is 
the largest WAN. 


Win16 — The collection of components, interfaces, 
and capabilities that permits Win16 applications 
to run within aVDM within the Win32 subsys- 
tem on Windows XP. 


Win16-on-Win32 (WOW) VDM — The formal 
name for the collection of components, inter- 
faces, and capabilities that permits the Win32 
subsystem to provide native support for well- 
behaved 16-bit Windows applications. 


Win32 — The main 32-bit subsystem used by 
Win32 applications and other application sub- 
systems. 


Windows Installer Service (WIS) — A Windows 
XP component that manages the installation and 
removal of applications by applying a set of cen- 
trally defined setup rules during the installation 
process. 


Windows Internet Name Service (WINS) — 
Service that provides NetBIOS-name-to-IP- 
address resolution. 


WinLogon — The process used by Windows XP to 
control user authentication and manage the 
logon process. WinLogon produces the logon 
dialog box where user name, password, and 
domain are selected, controls automated logon, 
warning text, the display of the shutdown button, 
and the display of the last user to log onto the 
system. 


WINNT — The 16-bit Windows XP installation 
program. 


WINNT32 — The 32-bit Windows XP installation 
program. 


Wizard — A tool or utility that has an interactive 
step-by-step guide to walk you through a com- 
plex or detailed configuration process. 


workgroup — A networking scheme in which 
resources, administration, and security are distrib- 
uted throughout the network. 
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workgroup model — The networking setup in 
which users are managed jointly through the use 
of workgroups to which users are assigned. 


X.25 — A standard that defines packet-switching 
networks. 


